© 2015 IBM Corporation
John Burnham
Director, Strategic Communications and Analyst Relations
IBM Security
Chris Meenan
Director, Security Intelligence Product Management and Strategy
IBM Security
How to Choose the Right Security Information and Event Management (SIEM) Solution
Agenda
• Introduction
• 2015 Gartner Magic Quadrant for SIEM
• IBM Security QRadar SIEM Solutions
– How we got here
QRadar in Gartner MQ Leaders Quadrant over the last 5 years
[Figure: Gartner Magic Quadrant charts for 2011, 2012, 2013, 2014 and 2015, with IBM/Q1 Labs marked in the Leaders quadrant]
• Vertical axis is “Ability to Execute”
• Horizontal axis is “Completeness of Vision”
IBM QRadar is in SIEM Leadership Quadrant For Seventh Straight Year
“Magic Quadrant for Security Information and Event Management,” Gartner, July 2015
2015 Gartner MQ for SIEM: IBM Security QRadar is highest on “Ability to Execute” (the Y-axis) AND furthest to the right on “Completeness of vision” (the X-axis)
• Ability to execute is an assessment of overall viability, product service, customer experience, market responsiveness, product track record, sales execution, operations, and marketing execution.
• Completeness of Vision is a rating of product strategy, innovation, market understanding, geographic strategy, and other factors.
• “The need for early detection of targeted attacks and data breaches is driving the expansion of new and existing SIEM deployments. Advanced users are looking to augment SIEM with advanced profiling and analytics.”
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's
research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose
IBM Security QRadar in Leadership Quadrant for Seventh Straight Year
“Magic Quadrant for Security Information and Event Management,” Gartner, July 2015
What Gartner is Saying about QRadar
• “Midsize and large enterprises with general SIEM requirements, and those with use cases that require behavior analysis, network flow and packet analysis, should consider QRadar.”
• “Customer feedback indicates that the technology is relatively straightforward to deploy and maintain in both modest and large environments.”
• “QRadar provides behavior analysis capabilities for NetFlow and log events.”
• “The average of IBM reference customers satisfaction scores for scalability and performance, effectiveness of predefined correlation rules, report creation, ad hoc queries, product quality and stability, and technical support is higher than the average scores for all reference customers in those areas.”
#1
IBM Security QRadar in Leadership Quadrant for Seventh straight year
“Magic Quadrant for Security Information and Event Management,” Gartner, July 2015
Other Gartner Comments about IBM Security QRadar:
• “IBM Security's QRadar Platform includes QRadar SIEM, Log Manager, Vulnerability Manager, Risk Manager, QFlow and VFLow Collectors, and Incident Forensics. QRadar can be deployed as an appliance, a virtual appliance or as SaaS/infrastructure as a service (IaaS).”
• “Components can be deployed in an all-in-one solution or scaled by using separate appliances for different functions.”
• “Recent enhancements include incident forensics support, new data storage appliances, improved query support across logs, flow data, threat intelligence, and vulnerability and asset data. The capability to replay historical event data through current correlation rules is also now available.”
• “IBM offers a hybrid delivery option for QRadar, with an on-premises QRadar deployment, a SaaS solution hosted on IBM Cloud and optional remote monitoring from IBM's managed security service operations centers.”
#1
And in case you had not heard…..
• According to IDC*, IBM Security Systems:
– Maintained the #1 position in Identity and Access Management
– Maintained #1 position in Security Vulnerability Management (which includes SIEM)
– Improved its share in Endpoint Security and Network Security.
– Significantly outpaced overall security software market growth, and remained the #3 security software vendor in 2013." (Approved 4/23/14, IDC Permissions/Michael Shirer)
• Gartner published their 2014 revenue/share estimate and IBM Security Systems:
– 2015 Gartner rates IBM #1 in SIEM (3rd year) and #2 in Enterprise Security
– IBM moved up to #3 in total share, and is the fastest growing security software vendor in the global market based on revenue (2014)
– Grew +3X faster than the overall market: 19/5%
*According to IDC's Worldwide Semiannual Software Tracker analysis for calendar 2013
Agenda
• Introduction
• 2014 Gartner Magic Quadrant for SIEM
• IBM Security QRadar SIEM Solutions
– How we got here
The Need for Security Intelligence – Drives Everything We Do
Escalating Threats
• Increasingly sophisticated attack methods
• Disappearing perimeters
• Accelerating security breaches
Increasing Complexity
• Constantly changing infrastructure
• Too many products from multiple vendors; costly to configure and manage
• Inadequate antivirus products
Resource Constraints
• Struggling security teams
• Too much data with limited manpower and skills to manage it all
[Graphic labels: Spear Phishing, Persistence, Backdoors, Designer Malware]
IBM QRadar Security Intelligence Platform
Providing actionable intelligence
• AUTOMATED: Driving simplicity and accelerating time-to-value
• INTEGRATED: Unified architecture delivered in a single console
• INTELLIGENT: Correlation, analysis and massive data reduction
The Core of Our Solution: IBM Security QRadar SIEM
• Servers and mainframes
• Data activity
• Network and virtual activity
• Application activity
• Configuration information
• Security devices
• Users and identities
• Vulnerabilities and threats
• Global threat intelligence
Embedded Intelligence
Automated Offense Identification
• Unlimited data collection, storage and analysis
• Built in data classification
• Automatic asset, service and user discovery and profiling
• Real-time correlation and threat intelligence
• Activity baselining and anomaly detection
• Detects incidents out of the box
Suspected Incidents
Prioritized Incidents
Answering questions to help prevent and remediate attacks
Extending the Core with In-Depth Forensics Investigation
• Servers and mainframes
• Network and virtual activity
• Application activity
• Data activity
• Configuration information
• Vulnerabilities and threats
• Users and identities
• Global threat intelligence
• Security devices
QRadar SIEM
• Automated data collection and asset discovery
• Real-time, and integrated analytics
• Massive data reduction
• Anomaly detection
Offenses Identified by QRadar
QRadar Incident Forensics
• Full PCAP Forensics
• Detailed Incident Meta-Data Evidence
• Reconstruction of content and incident activity
An integrated, unified architecture in a single web-based console
• Log Management
• Security Intelligence
• Network Activity Monitoring
• Risk Management
• Vulnerability Management
• Network Forensics
IBM X-Force Exchange Enhancing Value of QRadar
Research and collaboration platform and API
Backed by the reputation and scale of IBM X-Force
A new platform to consume, share, and act on threat intelligence
• Security Analysts and Researchers
• Security Operations Centers (SOCs)
• Security Products and Technologies
IBM X-Force Exchange is:
• OPEN: a robust platform with access to a wealth of threat intelligence data
• SOCIAL: a collaborative platform for sharing threat intelligence
• ACTIONABLE: an integrated solution to help quickly stop threats
Extending QRadar Security Intelligence Platform to the Cloud
Accelerate your ability to identify and stop cyber threats with
• Cloud-based offering of the #1 Security Intelligence solution
• IBM deploys, maintains and supports infrastructure
• Protects against threats and reduces compliance risk
• Leverages real-time threat intelligence from X-Force
• Collects data from both on-premise and cloud resources
FLEXIBLE: a full suite of upgradeable security analytics offerings and service levels to choose from
COST EFFECTIVE: acquire and deploy quickly with no CapEx investment
PEACE OF MIND: trusted IBM security service professionals available to provide guidance and meet your security requirements
Threat Indicators
Extensive data sources
• Security devices
• Servers and mainframes
• Network and virtual activity
• Data activity
• Application activity
• Configuration information
• Vulnerabilities and threats
• Users and identities
IBM Security QRadar for MSSPs
IBM QRadar is:
• COST EFFECTIVE: Single and multi-tenanted enabling low cost, rapid delivery of security intelligence services
• AUTOMATED: driving simplicity and accelerating time-to-value for service providers
• SCALABLE & FLEXIBLE: Scales as needed from the smallest to the largest customers with centralized management
New capabilities creating profitable opportunities for MSSPs
• Multi-tenant and single deployment options
• Master Console for centralized view of multiple clients
• System configuration template support
• Horizontal scalability
• Extensive APIs for enterprise integration
• Cloud-ready
• Flexible MSSP pricing options
Recent QRadar Investments and Innovations
• Advanced Search
• Historical Correlation
• X-Force Exchange Integration
• Real-Time Threat Intelligence
• Open APIs for expanded integrations
• 500+ Devices, Systems and Applications Supported
• Rules/Building Blocks – over 500 enabled out-of-the-box
• Over 1600 unique reports now available
QRadar is the Centerpiece of IBM Security Integration
IBM QRadar Security Intelligence Platform
People, Data, Applications, Infrastructure, Advanced Fraud Protection
• IBM zSecure
• IBM Security AppScan
• IBM Security Network Protection XGS
• IBM Security Access Manager
• IBM Security Privileged Identity Manager
• IBM InfoSphere Guardium
• IBM Security Identity Manager
• IBM Security Directory Server and Integrator
• IBM Endpoint Manager
• IBM Trusteer Apex
IBM QRadar Supports Hundreds of Third-Party Products
QRadar Security Intelligence Solution Delivery Models
• Hardware-based appliances
• Software for qualified, client-owned servers
• Virtual appliances for VMware environments
• Cloud
• SaaS - Security Intelligence on Cloud
Capital and Operating Expense Options:
Operational Expense Option:
IBM Services Managed SIEM
Delivering SIEM optimization with advanced threat protection
SIEM optimization: Custom-tailored engagement
• SIEM design and build services
• Use case design and log acquisition
• SIEM implementation
• SIEM optimization
Managed SIEM: Steady-state SIEM management
• Threat monitoring and response
• SIEM administrative support
• SIEM infrastructure management
• SIEM reporting
• More quickly identify and remediate: Deploy robust security intelligence and incident forensics
• Consolidate data silos: Collect, correlate and report on data in one integrated solution
• Better predict business risks: Engage entire risk management lifecycle for infrastructures
• Detect insider fraud: Adopt next-generation SIEM with identity correlation
• Address regulation mandates: Automate data collection and configuration audits
• Optimize staff resources: Offload security monitoring and device management
IBM X-Force and Security Services – A Winning Combination
IBM Security by the Numbers
• monitored countries (MSS)
• service delivery experts
• devices under contract
• endpoints protected
• events managed per day
Client example: An international energy company reduces billions of events per day to find those that should be investigated
An international energy firm analyzes 2 billion events per day to find 20-25 potential offenses to investigate
Business challenge
• Reducing huge number of events to find the ones that need to be investigated
• Automating the process of analyzing security data
Solutions (QRadar SIEM, QFlow, Risk Manager)
Combined analysis of historical data with real-time alerts to gain a ‘big picture’ view and uncover patterns of unusual activity humans miss and immediately block suspected traffic
Optimize threat analysis
Learn more about IBM Security QRadar SIEM
• Visit our website: http://ibm.co/QRadar
• Read our blog
• Download the 2015 Gartner Magic Quadrant for SIEM
• 133 countries where IBM delivers managed security services
• 20 industry analyst reports rank IBM Security as a LEADER
• TOP 3 enterprise security software vendor in total revenue
• 10K clients protected including… 24 of the top 33 banks in Japan, North America, and Australia
Learn more about IBM Security
• Visit our web page: IBM.com/Security
• Watch our videos: IBM Security YouTube Channel
• Read new blog posts: SecurityIntelligence.com
• Follow us on Twitter: @ibmsecurity
Q&A
© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any
kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor
shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use
of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or
capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product
or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries
or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside
your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks
on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access.
IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other
systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE
IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
THANK YOU
www.ibm.com/security

More Related Content

What's hot

DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS   ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...DSS   ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...Andris Soroka
 
Whitepaper IBM Qradar Security Intelligence
Whitepaper IBM Qradar Security IntelligenceWhitepaper IBM Qradar Security Intelligence
Whitepaper IBM Qradar Security IntelligenceCamilo Fandiño Gómez
 
IBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmapIBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmapDATA SECURITY SOLUTIONS
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewCamilo Fandiño Gómez
 
From SIEM to SA: The Path Forward
From SIEM to SA: The Path ForwardFrom SIEM to SA: The Path Forward
From SIEM to SA: The Path ForwardEMC
 
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014Andris Soroka
 
MISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM ImplementationMISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM ImplementationMichael Nickle
 
SIEM vs Log Management - Data Security Solutions 2011
SIEM vs Log Management - Data Security Solutions 2011 SIEM vs Log Management - Data Security Solutions 2011
SIEM vs Log Management - Data Security Solutions 2011 Andris Soroka
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016IBM Security
 
IBM-QRadar-Corporate-Online-Training.
IBM-QRadar-Corporate-Online-Training.IBM-QRadar-Corporate-Online-Training.
IBM-QRadar-Corporate-Online-Training.Avishek Priyadarshi
 
Top Cybersecurity Threats and How SIEM Protects Against Them
Top Cybersecurity Threats and How SIEM Protects Against ThemTop Cybersecurity Threats and How SIEM Protects Against Them
Top Cybersecurity Threats and How SIEM Protects Against ThemSBWebinars
 
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Sirius
 

What's hot (19)

DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS   ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...DSS   ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
 
Whitepaper IBM Qradar Security Intelligence
Whitepaper IBM Qradar Security IntelligenceWhitepaper IBM Qradar Security Intelligence
Whitepaper IBM Qradar Security Intelligence
 
IBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmapIBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmap
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
 
From SIEM to SA: The Path Forward
From SIEM to SA: The Path ForwardFrom SIEM to SA: The Path Forward
From SIEM to SA: The Path Forward
 
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014
 
MISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM ImplementationMISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM Implementation
 
IBM QRadar UBA
IBM QRadar UBA IBM QRadar UBA
IBM QRadar UBA
 
SIEM vs Log Management - Data Security Solutions 2011
SIEM vs Log Management - Data Security Solutions 2011 SIEM vs Log Management - Data Security Solutions 2011
SIEM vs Log Management - Data Security Solutions 2011
 
IBM QRadar Xforce
IBM QRadar XforceIBM QRadar Xforce
IBM QRadar Xforce
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
 
IBM-QRadar-Corporate-Online-Training.
IBM-QRadar-Corporate-Online-Training.IBM-QRadar-Corporate-Online-Training.
IBM-QRadar-Corporate-Online-Training.
 
Security Information Event Management - nullhyd
Security Information Event Management - nullhydSecurity Information Event Management - nullhyd
Security Information Event Management - nullhyd
 
SIEM evolution
SIEM evolutionSIEM evolution
SIEM evolution
 
IBM Security QFlow & Vflow
IBM Security QFlow & VflowIBM Security QFlow & Vflow
IBM Security QFlow & Vflow
 
Top Cybersecurity Threats and How SIEM Protects Against Them
Top Cybersecurity Threats and How SIEM Protects Against ThemTop Cybersecurity Threats and How SIEM Protects Against Them
Top Cybersecurity Threats and How SIEM Protects Against Them
 
SIEM Primer:
SIEM Primer:SIEM Primer:
SIEM Primer:
 
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
 
IBM Security Immune System
IBM Security Immune SystemIBM Security Immune System
IBM Security Immune System
 

Viewers also liked

Beginner's Guide to SIEM
Beginner's Guide to SIEM Beginner's Guide to SIEM
Beginner's Guide to SIEM AlienVault
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)k33a
 
Language and Meta-language for Enterprise Architecture
Language and Meta-language for Enterprise ArchitectureLanguage and Meta-language for Enterprise Architecture
Language and Meta-language for Enterprise ArchitectureIvo Velitchkov
 
Implementing and Running SIEM: Approaches and Lessons
Implementing  and Running SIEM: Approaches and LessonsImplementing  and Running SIEM: Approaches and Lessons
Implementing and Running SIEM: Approaches and LessonsAnton Chuvakin
 
QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk M sharifi
 

Viewers also liked (6)

Beginner's Guide to SIEM
Beginner's Guide to SIEM Beginner's Guide to SIEM
Beginner's Guide to SIEM
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
 
HP ArcSight
HP ArcSight HP ArcSight
HP ArcSight
 
Language and Meta-language for Enterprise Architecture
Language and Meta-language for Enterprise ArchitectureLanguage and Meta-language for Enterprise Architecture
Language and Meta-language for Enterprise Architecture
 
Implementing and Running SIEM: Approaches and Lessons
Implementing  and Running SIEM: Approaches and LessonsImplementing  and Running SIEM: Approaches and Lessons
Implementing and Running SIEM: Approaches and Lessons
 
QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk
 

Similar to How to Choose the Right Security Information and Event Management (SIEM) Solution

IBM Qradar & resilient
IBM Qradar & resilientIBM Qradar & resilient
IBM Qradar & resilientPrime Infoserv
 
QRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTXQRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTXNatashaVerma29
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016Francisco González Jiménez
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...IBM Security
 
Cognitive security
Cognitive securityCognitive security
Cognitive securityIqra khalil
 
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence &  Monitoring Microso...IBM Security AppExchange Spotlight: Threat Intelligence &  Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...IBM Security
 
CYBER-i Corporate Dossier
CYBER-i Corporate Dossier  CYBER-i Corporate Dossier
CYBER-i Corporate Dossier AGC Networks Ltd
 
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...IBM Security
 
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesWebinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesHARMAN Connected Services
 
Security Transformation Services
Security Transformation ServicesSecurity Transformation Services
Security Transformation Servicesxband
 
SIEM Vendor Neutrality
SIEM Vendor NeutralitySIEM Vendor Neutrality
SIEM Vendor NeutralityVandana Verma
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar -  NEW GENERATION IPSSourcefire Webinar -  NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSmmiznoni
 
Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud GenerationForcepoint LLC
 
Fernando Imperiale - Security Intelligence para PYMES
Fernando Imperiale - Security Intelligence para PYMESFernando Imperiale - Security Intelligence para PYMES
Fernando Imperiale - Security Intelligence para PYMESFernando M. Imperiale
 
IBM - Security Intelligence para PYMES
IBM - Security Intelligence para PYMESIBM - Security Intelligence para PYMES
IBM - Security Intelligence para PYMESFernando M. Imperiale
 
IBM: Cognitive Security Transformation for the Enrgy Sector
IBM: Cognitive Security Transformation for the Enrgy SectorIBM: Cognitive Security Transformation for the Enrgy Sector
IBM: Cognitive Security Transformation for the Enrgy SectorFMA Summits
 
Introduction to QRadar
Introduction to QRadarIntroduction to QRadar
Introduction to QRadarPencilData
 

Similar to How to Choose the Right Security Information and Event Management (SIEM) Solution (20)

IBM Qradar & resilient
IBM Qradar & resilientIBM Qradar & resilient
IBM Qradar & resilient
 
QRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTXQRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTX
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
 
Cognitive security
Cognitive securityCognitive security
Cognitive security
 
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence &  Monitoring Microso...IBM Security AppExchange Spotlight: Threat Intelligence &  Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
 
CYBER-i Corporate Dossier
CYBER-i Corporate Dossier  CYBER-i Corporate Dossier
CYBER-i Corporate Dossier
 
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
 
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesWebinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
 
Security Transformation Services
Security Transformation ServicesSecurity Transformation Services
Security Transformation Services
 
SIEM Vendor Neutrality
SIEM Vendor NeutralitySIEM Vendor Neutrality
SIEM Vendor Neutrality
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar -  NEW GENERATION IPSSourcefire Webinar -  NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPS
 
Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud Generation
 
Fernando Imperiale - Security Intelligence para PYMES
Fernando Imperiale - Security Intelligence para PYMESFernando Imperiale - Security Intelligence para PYMES
Fernando Imperiale - Security Intelligence para PYMES
 
IBM - Security Intelligence para PYMES
IBM - Security Intelligence para PYMESIBM - Security Intelligence para PYMES
IBM - Security Intelligence para PYMES
 
IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
 
IBM: Cognitive Security Transformation for the Enrgy Sector
IBM: Cognitive Security Transformation for the Enrgy SectorIBM: Cognitive Security Transformation for the Enrgy Sector
IBM: Cognitive Security Transformation for the Enrgy Sector
 
Introduction to QRadar
Introduction to QRadarIntroduction to QRadar
Introduction to QRadar
 
Mitigate attacks with IBM BigFix and Q-Radar
Mitigate attacks with IBM BigFix and Q-RadarMitigate attacks with IBM BigFix and Q-Radar
Mitigate attacks with IBM BigFix and Q-Radar
 
Cyber threats
Cyber threatsCyber threats
Cyber threats
 

How to Choose the Right Security Information and Event Management (SIEM) Solution

  • 1. © 2015 IBM Corporation John Burnham Director, Strategic Communications and Analyst Relations IBM Security Chris Meenan Director, Security Intelligence Product Management and Strategy IBM Security How to Choose the Right Security Information and Event Management (SIEM) Solution
  • 2. 2© 2015 IBM Corporation Agenda
      - Introduction
      - 2015 Gartner Magic Quadrant for SIEM
      - IBM Security QRadar SIEM Solutions – How we got here
  • 3. 3© 2015 IBM Corporation Agenda
      - Introduction
      - 2015 Gartner Magic Quadrant for SIEM
      - IBM Security QRadar SIEM Solutions – How we got here
  • 4. 4© 2015 IBM Corporation QRadar in Gartner MQ Leaders Quadrant over the last 5 years 2011 2012 2013 2014 IBM/Q1 Labs • Vertical axis is “Ability to Execute” • Horizontal Axis is “Completeness of Vision” 2015 leaders leaders
  • 5. 5© 2015 IBM Corporation IBM QRadar is in SIEM Leadership Quadrant For Seventh Straight Year “Magic Quadrant for Security Information and Event Management,” Gartner, July 2015 2015 Gartner MQ for SIEM: IBM Security QRadar is highest on “Ability to Execute” (the Y-axis) AND furthest to the right on “Completeness of vision” (the X-axis)
      - Ability to execute is an assessment of overall viability, product service, customer experience, market responsiveness, product track record, sales execution, operations, and marketing execution.
      - Completeness of Vision is a rating of product strategy, innovation, market understanding, geographic strategy, and other factors
      - “The need for early detection of targeted attacks and data breaches is driving the expansion of new and existing SIEM deployments. Advanced users are looking to augment SIEM with advanced profiling and analytics.”
    Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose
  • 6. 6© 2015 IBM Corporation IBM Security QRadar in Leadership Quadrant for Seventh Straight Year “Magic Quadrant for Security Information and Event Management,” Gartner, July 2015 What Gartner is Saying about QRadar
      - “Midsize and large enterprises with general SIEM requirements, and those with use cases that require behavior analysis, network flow and packet analysis, should consider QRadar.”
      - “Customer feedback indicates that the technology is relatively straightforward to deploy and maintain in both modest and large environments.”
      - “QRadar provides behavior analysis capabilities for NetFlow and log events.”
      - “The average of IBM reference customers satisfaction scores for scalability and performance, effectiveness of predefined correlation rules, report creation, ad hoc queries, product quality and stability, and technical support is higher than the average scores for all reference customers in those areas.”
    #1
  • 7. 7© 2015 IBM Corporation IBM Security QRadar in Leadership Quadrant for Seventh straight year “Magic Quadrant for Security Information and Event Management,” Gartner, July 2015 Other Gartner Comments about IBM Security QRadar:
      - “IBM Security's QRadar Platform includes QRadar SIEM, Log Manager, Vulnerability Manager, Risk Manager, QFlow and VFLow Collectors, and Incident Forensics. QRadar can be deployed as an appliance, a virtual appliance or as SaaS/infrastructure as a service (IaaS).”
      - “Components can be deployed in an all-in-one solution or scaled by using separate appliances for different functions.”
      - “Recent enhancements include incident forensics support, new data storage appliances, improved query support across logs, flow data, threat intelligence, and vulnerability and asset data. The capability to replay historical event data through current correlation rules is also now available.”
      - “IBM offers a hybrid delivery option for QRadar, with an on-premises QRadar deployment, a SaaS solution hosted on IBM Cloud and optional remote monitoring from IBM's managed security service operations centers.”
    #1
  • 8. 8© 2015 IBM Corporation And in case you had not heard…..
      - According to IDC*, IBM Security Systems:
          – Maintained the #1 position in Identity and Access Management
          – Maintained #1 position in Security Vulnerability Management (which includes SIEM)
          – Improved its share in Endpoint Security and Network Security.
          – Significantly outpaced overall security software market growth, and remained the #3 security software vendor in 2013." (Approved 4/23/14, IDC Permissions/Michael Shirer)
      - Gartner published their 2014 revenue/share estimate and IBM Security Systems:
          – 2015 Gartner rates IBM #1 in SIEM (3rd year) and #2 in Enterprise Security
          – IBM moved up to #3 in total share, and is the fastest growing security software vendor in the global market based on revenue (2014)
          – Grew +3X faster than the overall market: 19/5%
    *According to IDC's Worldwide Semiannual Software Tracker analysis for calendar 2013
  • 9. 9© 2015 IBM Corporation Agenda
      - Introduction
      - 2014 Gartner Magic Quadrant for SIEM
      - IBM Security QRadar SIEM Solutions – How we got here
  • 10. 10© 2015 IBM Corporation The Need for Security Intelligence – Drives Everything We Do Escalating Threats Increasing Complexity Resource Constraints • Increasingly sophisticated attack methods • Disappearing perimeters • Accelerating security breaches • Constantly changing infrastructure • Too many products from multiple vendors; costly to configure and manage • Inadequate antivirus products • Struggling security teams • Too much data with limited manpower and skills to manage it all Spear Phishing Persistence Backdoors Designer Malware
  • 11. 11© 2015 IBM Corporation IBM QRadar Security Intelligence Platform Providing actionable intelligence IBM QRadar Security Intelligence Platform AUTOMATED Driving simplicity and accelerating time-to-value INTEGRATED Unified architecture delivered in a single console INTELLIGENT Correlation, analysis and massive data reduction
  • 12. 12© 2015 IBM Corporation The Core of Our Solution: IBM Security QRadar SIEM Suspected Incidents Automated Offense Identification • Unlimited data collection, storage and analysis • Built in data classification • Automatic asset, service and user discovery and profiling • Real-time correlation and threat intelligence • Activity baselining and anomaly detection • Detects incidents out of the box Embedded Intelligence Servers and mainframes Data activity Network and virtual activity Application activity Configuration information Security devices Users and identities Vulnerabilities and threats Global threat intelligence Prioritized Incidents
  • 13. 13© 2015 IBM Corporation Answering questions to help prevent and remediate attacks
  • 14. 14© 2015 IBM Corporation Extending the Core with In-Depth Forensics Investigation Servers and mainframes Network and virtual activity Application activity Data activity Configuration information Vulnerabilities and threats Users and identities Global threat intelligence Security devices • Automated data collection and asset discovery • Real-time, and integrated analytics • Massive data reduction • Anomaly detection QRadar Incident Forensics • Full PCAP Forensics • Detailed Incident Meta-Data Evidence • Reconstruction of content and incident activity QRadar SIEM Offenses Identified by QRadar
  • 15. 15© 2015 IBM Corporation An integrated, unified architecture in a single web-based console Log Management Security Intelligence Network Activity Monitoring Risk Management Vulnerability Management Network Forensics
  • 16. 16© 2015 IBM Corporation Backed by the reputation and scale of IBM X-Force IBM X-Force Exchange Enhancing Value of QRadar Research and collaboration platform and API Security Analysts and Researchers Security Operations Centers (SOCs) Security Products and Technologies OPEN a robust platform with access to a wealth of threat intelligence data SOCIAL a collaborative platform for sharing threat intelligence ACTIONABLE an integrated solution to help quickly stop threats A new platform to consume, share, and act on threat intelligence IBM X-Force Exchange is:
  • 17. 17© 2015 IBM Corporation Extending QRadar Security Intelligence Platform to the Cloud FLEXIBLE a full suite of upgradeable security analytics offerings and service levels to choose from COST EFFECTIVE acquire and deploy quickly with no CapEx investment PEACE OF MIND trusted IBM security service professionals available to provide guidance and meet your security requirements Threat Indicators
      - Cloud-based offering of the #1 Security Intelligence solution
      - IBM deploys, maintains and supports infrastructure
      - Protects against threats and reduces compliance risk
      - Leverages real-time threat intelligence from X-Force
      - Collects data from both on-premise and cloud resources
    Accelerate your ability to identify and stop cyber threats with Extensive data sources Security devices Servers and mainframes Network and virtual activity Data activity Application activity Configuration information Vulnerabilities and threats Users and identities
  • 18. 18© 2015 IBM Corporation IBM Security QRadar for MSSPs COST EFFECTIVE Single and multi-tenanted enabling low cost, rapid delivery of security intelligence services AUTOMATED driving simplicity and accelerating time-to-value for service providers SCALABLE & FLEXIBLE Scales as needed from the smallest to the largest customers with centralized management New capabilities creating profitable opportunities for MSSPs IBM QRadar is:
      - Multi-tenant and single deployment options
      - Master Console for centralized view of multiple clients
      - System configuration template support
      - Horizontal scalability
      - Extensive APIs for enterprise integration
      - Cloud-ready
      - Flexible MSSP pricing options
  • 19. 19© 2015 IBM Corporation Recent QRadar Investments and Innovations
      - Advanced Search
      - Historical Correlation
      - X-Force Exchange Integration
      - Real-Time Threat Intelligence
      - Open APIs for expanded integrations
      - 500+ Devices, Systems and Applications Supported
      - Rules/Building Blocks – over 500 enabled out-of-the-box
      - Over 1600 unique reports now available
  • 20. 20© 2015 IBM Corporation IBM zSecure IBM Security AppScan IBM Security Network Protection XGS IBM Security Access Manager IBM Security Privileged Identity Manager IBM InfoSphere Guardium IBM Security Identity Manager IBM Security Directory Server and Integrator IBM Endpoint Manager IBM Trusteer Apex QRadar is the Centerpiece of IBM Security Integration People Data Applications Infrastructure Advanced Fraud Protection IBM QRadar Security Intelligence Platform
  • 21. 21© 2015 IBM Corporation IBM QRadar Supports Hundreds of Third-Party Products IBM QRadar Security Intelligence Platform
  • 22. 22© 2015 IBM Corporation QRadar Security Intelligence Solution Delivery Models
      - Hardware-based appliances
      - Software for qualified, client-owned servers
      - Virtual appliances for VMware environments
      - Cloud
      - SaaS- Security Intelligence on Cloud
    Capital and Operating Expense Options: Operational Expense Option:
  • 23. 23© 2015 IBM Corporation IBM Services Managed SIEM Delivering SIEM optimization with advanced threat protection
      - SIEM design and build services
      - Use case design and log acquisition
      - SIEM implementation
      - SIEM optimization
    Custom-tailored engagement
      - Threat monitoring and response
      - SIEM administrative support
      - SIEM infrastructure management
      - SIEM reporting
    Steady-state SIEM management Managed SIEM SIEM optimization More quickly identify and remediate Deploy robust security intelligence and incident forensics Consolidate data silos Collect, correlate and report on data in one integrated solution Better predict business risks Engage entire risk management lifecycle for infrastructures Detect insider fraud Adopt next-generation SIEM with identity correlation Address regulation mandates Automate data collection and configuration audits Optimize staff resources Offload security monitoring and device management
  • 24. 24© 2015 IBM Corporation IBM X-Force and Security Services – A Winning Combination monitored countries (MSS) service delivery experts devices under contract + endpoints protected + events managed per day + IBM Security by the Numbers + +
  • 25. 25© 2015 IBM Corporation Client example: An international energy company reduces billions of events per day to find those that should be investigated An international energy firm analyzes 2 billion events per day to find 20-25 potential offenses to investigate Business challenge
      - Reducing huge number of events to find the ones that need to be investigated
      - Automating the process of analyzing security data
    Solutions (QRadar SIEM, QFlow, Risk Manager) Combined analysis of historical data with real-time alerts to gain a ‘big picture’ view and uncover patterns of unusual activity humans miss and immediately block suspected traffic Optimize threat analysis
  • 26. Learn more about IBM Security QRadar SIEM. Visit our website: http://ibm.co/QRadar; Read our blog; Download the 2015 Gartner Magic Quadrant for SIEM.
  • 27. 133 countries where IBM delivers managed security services; 20 industry analyst reports rank IBM Security as a LEADER; TOP 3 enterprise security software vendor in total revenue; 10K clients protected including… 24 of the top 33 banks in Japan, North America, and Australia. Learn more about IBM Security. Visit our web page: IBM.com/Security; Watch our videos: IBM Security YouTube Channel; Read new blog posts: SecurityIntelligence.com; Follow us on Twitter: @ibmsecurity.
  • 28. Q&A
  • 29. © Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. 
IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOU www.ibm.com/security